IPMediumSignal 71/100
66.132.224.24
Location
United StatesAnn Arbor, Michigan
ASN
AS398324
Censys Inc
First Seen
Mar 21, 2026
Last Seen
Jun 9, 2026
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
71%
Signal Score
71 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Network Information
CountryUnited States
United StatesRegionAnn Arbor, Michigan
ASNAS398324
OrganizationCensys Inc
Feed Intelligence Summary
13 reports71% confidence
13
Source reports
71%
Confidence score
Category tags
abuseaccount compromiseactive scanactive scanningaptasiaattackaustraliaautomated attackbad reputationbad web botbotnetbotnet activitybrute forcebrute force attackbrute force attackerbrute-forcebrute_forcebrute_force_attackbruteforcecloud environmentcloud infrastructurecloud infrastructure attackcloud servicescommunication protocolcowriecowrie honeypotcredential accesscredential harvestingcredential stuffingdata exfiltrationdata store exposuredatabase attackdatabase securitydcomddosddos attackdecoy systemdenial of servicedigital oceandionaeadionaea honeypotexploitation activityexploited hostexternal threatexternal_threatfattfraud voipftpftp brute-forceftp_scanhackinghoneytrap honeypothttp scannerhttp_scanidentity & access exploitationinbound scanindicatorinfrastructure targetinginitial accessinitial_accessinjection activityinjection attacksinternet facing systemsinternet-facing assetsinternet-facing serviceinternet_wide_scaniocsiot securityiot targetedipv4ipv4 addressesipv4 scanningipv4 trafficipv4_scanningjapanmailoney honeypotmalicious activitymalicious ipmalicious ip addressesmalwaremalware behaviourmalware capturemirainetworknetwork attacksnetwork discoverynetwork intrusion attemptsnetwork probingnetwork protocolnetwork reconnaissancenetwork scanningnetwork securitynetwork_reconnaissancenetwork_scanningnorth americaoceaniap0fpassword attacksphishingphishing attackphishing trapportscanprotocol exploitationransomwarerdp_scanreconnaissanceremote accessremote servicesresearchedresource hijackingrpcscams & fraudscanscannerscannersscanning activitysecurity operationssensor-taggedsentrypeer botnetservice scansipsmtpsocial engineeringsocradar honeypotspamsql injectionsshssh attackssh monitoringssh_scansystem accesst1018t1021t1021.001t1040t1046t1059.003t1071.001t1076t1078t1110t1110.001t1110.002t1110.003t1110.004t1133t1190t1203t1486t1496t1499.001t1499.002t1499.003t1563t1566.001t1566.002t1566.003t1590t1590.002t1590.005t1592t1595t1595.001t1595.002t1595.003tannertargeting databasetcptcp protocoltcp scanningtelecommunicationstelnettelnet threatthreat actorthreat actor: unknownthreat detectionthreat intelligencethreat_actor_unknowntor nodetpotudpunited statesusvoipvoip attackvultrweb app attackweb application attackweb exploitweb exploitationweb spamweb traffic
Activity Timeline
Jun 9Jun 9
Threat Activity Heatmap
· Peak: 2026-06-09LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreHigh Risk
71
SIGNAL
Signal Score
71%
Confidence
13
Reports
First seenMar 21, 2026
Last seenJun 9, 2026
GeolocationUS
CountryUnited States
LocationAnn Arbor, Michigan
ASNAS398324
OrgCensys Inc
Coords42.2809, -83.7489
VirusTotal
Not checked
WHOIS
- description
- IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 3 months ago · Last seen 10 days ago
Appeared in 13 threat reports